i have these forms:
https://www.mychabad.org/templates/articlecco.asp?aid=1188756&jewish=General-Contributions.htm&lang=en&a开发者_Python百科mp;site=chabaduc.org
https://www.mychabad.org/templates/articlecco.asp?AID=1189379
https://www.mychabad.org/templates/articlecco.asp?aid=1189287&jewish=Shabbat-Holiday-Sponsorships.htm&lang=en&site=chabaduc.org
and last night they were attacked by a bunch of submissions
- is there anything simple i can with the code to avoid such attacks?
- if not, should i be using a different form service?
Try putting an empty field in the page, hide it via CSS and check if it's filled in. (Perhaps with a note beside that says to leave it empty in case a user has CSS disabled.) Many bots will fill every field in, so you can check if this field is empty.
CAPTCHA is the most well-known solution, but if you're looking for something simple, I've found that this works quite well: set your form's submit URL to blank (or something invalid) and introduce it via JavaScript. So far, I haven't seen a bot that executes JavaScript to get past forms. This does mean that users need to have JavaScript enabled, but most do anyway.
Example:
<form id="myform" action="" onsubmit="return doSubmit();">
...
</form>
<script type="text/javascript">
function doSubmit() {
// You can also do any validation here if required
document.getElementById('myform').action = 'real_submit_url';
return true;
}
</script>
I think you can read the basic concept from Captcha's website. Then, google for Captcha with classic ASP.
You may have to figure things out on your own after that, because we cannot see your ASP pages' source code.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论